osdir.com

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Openstack] specify endpoint in API calls


Dear colleagues,

I have the following configuration of endpoints:

$ openstack endpoint list --service identity
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| ID                               | Region    | Service Name | Service 
Type | Enabled | Interface | URL                            |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| 68a4eabc27474beeb6f08d986cca3263 | RegionOne | keystone     | 
identity     | True    | public    | http://controller-ext:5000/v3/ |
| 6fab7abe61e84463a05b4e58d8f7bb60 | RegionOne | keystone     | 
identity     | True    | internal  | http://controller:5000/v3/    ; |
| eb378df5949046a49661dad3c887677f | RegionOne | keystone     | 
identity     | True    | admin     | http://controller:5000/v3/    ; |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+

and want to explicitly use public endpoint (calling controller-ext, NOT 
controller) when doing API calls. Example of code:

from keystoneauth1.identity import v3
from keystoneauth1 import session as authsession
from keystoneclient.v3 import client as identity

os_domain = 'default'
auth_url = 'http://controller-ext:5000/v3'
os_username = 'admin'
os_password = 'adminpass'
project_name = 'admin'

password = v3.Password(auth_url=auth_url,
                        username=os_username,
                        password=os_password,
                        user_domain_name=os_domain,project_name=project_name,project_domain_name=os_domain)auth = authsession.Session(auth=password)
ks = identity.Client(session = auth)

for ep in ks.endpoints.list():
pass


returns an error since it tries to call 'controller' (which is internal 
address and isn't resolvable):

keystoneauth1.exceptions.connection.ConnectFailure: Unable to establish 
connection to 
http://controller:5000/v3/endpoints?endpoint_filter=service_type&endpoint_filter=interface: 
HTTPConnectionPool(host='controller', port=5000): Max retries exceeded 
with url: 
/v3/endpoints?endpoint_filter=service_type&endpoint_filter=interface 
(Caused by NewConnectionError('<urllib3.connection.HTTPConnection object 
at 0x1063f1940>: Failed to establish a new connection: [Errno 8] 
nodename nor servname provided, or not known',))

The question is: are there ways to implicitly point to 'public' (and 
whatever else) endpoint when working with identity service?

Thank you.

-- 
Volodymyr Litovka
   "Vision without Execution is Hallucination." -- Thomas Edison

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20181105/e5700cb8/attachment.html>